package top.zy.admin.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.util.StringUtils;
import top.zy.admin.dao.AdminMapper;
import top.zy.admin.dao.PermissionMapper;
import top.zy.admin.dao.RoleMapper;
import top.zy.admin.dto.AdminInfo;
import top.zy.admin.entity.Admin;
import top.zy.admin.entity.Permission;
import top.zy.admin.entity.Role;

/**
 * @Author: HouZeYu
 * @Description:
 * @Date: Created in 14:14 2019/7/18
 */
public class AdminAuthorizingRealm extends AuthorizingRealm {


    @Autowired
    private AdminMapper adminMapper;
    @Autowired
    private RoleMapper roleMapper;
    @Autowired
    private PermissionMapper permissionMapper;
    @Autowired
    private BCryptPasswordEncoder passwordEncoder;

    /***
     * 授权
     * @param principalCollection
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        if (principalCollection==null){
            throw new AuthorizationException("PrincipalCollection method argument cannot be null");

        }
         String username = (String)principalCollection.getPrimaryPrincipal();
         Admin admin= adminMapper.selectAdminByUserName(username);
         SimpleAuthorizationInfo authorizationInfo=new SimpleAuthorizationInfo();
        for (Role role : admin.getRoles()) {
            authorizationInfo.addRole(role.getName());
            for (Permission permission : role.getPermissions()) {
                authorizationInfo.addStringPermission(permission.getPermission());
            }
        }
        return authorizationInfo;
    }

    /***
     * 登录
     * @param authenticationToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
       UsernamePasswordToken usernamePasswordToken= (UsernamePasswordToken) authenticationToken;
        String username = usernamePasswordToken.getUsername();
        String password = new String(usernamePasswordToken.getPassword());
        if (StringUtils.isEmpty(username)||StringUtils.isEmpty(password)){
            throw new AccountException("用户名密码不能为空");
        }
        Admin admin= adminMapper.selectAdminByUserName(username);
        if (admin==null){
            throw new UnknownAccountException("用户名或密码不正确");
        }
        if (!passwordEncoder.matches(password,admin.getPassword())){
            throw new UnknownAccountException("用户名或密码不正确");
        }
        SimpleAuthenticationInfo authenticationInfo=new SimpleAuthenticationInfo(admin,admin.getPassword(),getName());
        return authenticationInfo;
    }
}
